To install TUPAS Emulator as an authentication method, first install the TUPAS Emulator on your application server, and then set it up for use in Ubisecure Authentication Server.

Before installation

TUPAS Emulator requires the Java 2 Standard Edition (J2SE) run-time environment. The latest version 1.4 of J2SE is recommended for installing and running TUPAS Emulator. TUPAS Emulator uses Java Servlet and JavaServer Pages technology and requires a Servlet/JSP container that implements the JavaServer Pages 1.2 specifications.

System requirements

Ubisecure Authentication Server
- Installation according to Installation - SSO
J2SE 1.4.2 SDK or newer
Servlet/JSP container with JSP 1.2, such as Apache Tomcat 5.5

Required files

methods-tupas.ldif
- Configuration file from Ubisecure Server Installation
tupasemulator.zip or tupasemulator.tar.gz
- TUPAS Emulator software

Installing TUPAS Emulator

Unpacking the software on Windows

In Windows, unzip the Zip archive into the C:\Ubisecure folder.

Unpacking TUPAS Emulator on Windows

cd /d c:\ubisecure
unzip tupasemulator.zip

The following new files are now unpacked:

mergetupasemulator.cmd
tupasemulator/tupasemulator.war
tupasemulator/WEB-INF/tupas.properties

Unpacking the software on Linux

In Linux, unpack the Tar archive into the /usr/local/ubisecure folder.

Unpacking TUPAS Emulator on Linux

cd /usr/local/ubisecure
gzip -dc tupasemulator.tar.gz | tar xvf -

The following new files are now unpacked:

mergetupasemulator.sh
tupasemulator/tupasemulator.war
tupasemulator/WEB-INF/tupas.properties

Configuration

You can now configure the software by editing the configuration file tupas.properties. Please refer to the Configuring TUPAS Emulator on for more information about configuring TUPAS Emulator.

If you leave the configuration file intact, TUPAS Emulator will work with default configuration settings (see Appendix: System configuration files).

Deployment

TUPAS Emulator web application is distributed and installed as standard Web Archive (.war) files. A .war file is deployed with Apache Tomcat by copying the .war file to the webapps directory in the Tomcat installation directory.

The .war file in the TUPAS Emulator software package does not contain any configuration settings. Before deployment the configuration file must be merged into the .war file. The TUPAS Emulator software package includes a command to simplify merging the .war file and the configuration file:

Merging on Windows

cd /d c:\ubisecure
mergetupasemulator.cmd

Merging on Linux

cd /usr/local/ubisecure
sh mergetupasemulator.sh

As a result of the merge command the merged .war file is created into the webapps folder. Copy the merged .war file to the webapps directory in the Tomcat installation directory:

Windows

cd /d c:\ubisecure\webapps
copy tupasemulator.war "C:\Program Files\apache-tomcat-5.5.17\webapps"

Linux

cd /usr/local/ubisecure/webapps
copy tupasemulator.war /usr/local/apache-tomcat-5.5.17/webapps

The TUPAS Emulator software is now installed. In order to test if TUPAS Emulator deployment was successful, please refer to After Installation chapter later on this page.

Setting up the Ubisecure Authentication Server

Setting up the Ubisecure LDAP directory

Add an TUPAS Emulator authentication object to your Ubisecure LDAP directory with the import script from Ubisecure Server Installation. You will need the file methods.ldif. After installing UAS according to document Installation - SSO, this file will be in directory c:\Ubisecure\ldap (Windows environment) or /usr/local/ubisecure/ldap (Linux environment). From this file, copy the part that contains "Tupas 2, test" to a new file named tupasemulator.ldif.

Example of tupasemulator.ldif

Tupas 2, Test dn: 
cn=tupas.test.1,cn=Server,ou=System,cn=Ubilogin,dc=localhost
changetype: add 
cn: tupas.test.1
objectClass: top
objectClass: ubiloginAuthMethod 
ubiloginAuthMethodType: Tupas 2
ubiloginClassname: com.ubisecure.auth.login.Tupas2LoginModule
ubiloginConfString: alg 01 
ubiloginConfString: idtype 02
ubiloginConfString: keyvers 0001 
ubiloginConfString: langcode FI
ubiloginConfString: macKey1 LEHTI 
ubiloginConfString: rcvid 87654321
ubiloginConfString: url http://localhost:8080/tupasemulator/
ubiloginConfString: vers 0002
ubiloginEnabled: FALSE
ubiloginTitle: Tupas Test

Choose the import script according to your platform and Ubisecure LDAP directory. Execute the following commands to create the TUPAS Emulator authentication object in the Ubisecure LDAP directory.

Initializing Ubisecure Directory and TUPAS Emulator in Windows

cd /d c:\ubisecure\ldap
openldap\import.cmd tupasemulator.ldif

Initializing Ubisecure Directory and TUPAS Emulator in Linux

cd /usr/local/ubisecure/ldap
sh openldap/import.sh tupasemulator.ldif

Configuring the Ubisecure Server

Start a session with Ubisecure Management and go straight from the top level to page "Global Method Settings". There you should now see entry "TUPAS Test". Open it and set the necessary parameters.

Select the Global Method Settings tab in Ubisecure Management after logging in as administrator
Select the TUPAS authentication method
Choose a Title that will be visible for end users
Set Status enabled
Go to Tupas 2 tab
Set the url where the TUPAS Emulator has been installed


Configuring TUPAS Emulator in Ubisecure Server Management

Leave the other settings as default if your TUPAS Emulator configuration was also default. After completing these settings, Ubisecure Server is configured to use TUPAS Emulator for an authentication method.

After installation

Testing TUPAS Emulator authentication

TUPAS Emulator accepts only HTTP post -requests and does not reply to any HTTP get -requests. In order to test TUPAS Emulator, you have to configure an application, user or group to use TUPAS Emulator authentication method. For more detailed instructions for configuring authentication method for use, please refer to document SSO Management.

Logging in with the TUPAS Emulator

Please refer to your tupas.properties configuration file for configured usernames and passwords, which enable user access with TUPAS Emulator authentication method.

Browser not supported